Traffic from one VPN to VPN

carlosv
Level 1

Hi!

I have the following scenario:

USER1 ----- Site2Site IPSec VPN--------|ASA with DMZ| ---------------Site2Site IPSec VPN-------- USER2

USER1 LAN: 192.168.10.0 /24

USER2 LAN: 172.16.1.0 /24

ASA DMZ network: 10.10.10.0 /24

Both users can access the servers in the DMZ from their LANs.

Now I want both users to see each other's LANs in addition to the DMZ. How should I modify the access-lists for this to work?

Thanks in advance

Carlos

1 Reply

carlosv
Level 1

Forgot to mention... both users still need access to the DMZ on the ASA. It seems so simple to just add a line on the access-lists for the encryption domains on each USER LAN to the other. But how should the access-lists on the ASA look for this to work?

Unfortunately, a direct tunnel from USER1 to USER2 is not an option.

This looks like a CCIE Sec question. heh.

Thanks in advance.
